Bug ID: 29506
           Summary: Support for a system-wide configuration file to
                    specify permissions for web-applications
           Product: WebAppsWG
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: XHR
        QA Contact:
  Target Milestone: ---

Initially I have reported this here ( ) but since the
group has closed I'm forwarding it to here. Here is a copy of the original

At Mozilla's bugzilla a discussion woke up ( ) to make XMLHttpRequest
useable for web-applications on the file-protocol without requiring the server
to enable CORS. At the end of the current discussion I got the idea of a
system-wide configuration file to solve this issue:

- It contains permissions it grants to web-applications (for example
specific/all permissions on specific files/directories).
- Installer invoked by the user can write the required permissions for their
web-application to this file. Also the user can enter manually entries if he
- A site launched unintentionally on the file-protocol can't do evil things
since it wouldn't be listed in this file.

This would help to make web-applications launched on the file-protocol (for
example installed by upstream-installers on desktop-PC's) to be more

You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to